| 3450b662e8adbff215aa05fdc3c8e3167819c672 |
|
26-Sep-2017 |
Lorenzo Colitti <lorenzo@google.com> |
Allow connectivity-critical packets in data saver mode.
This makes IPv6 work on metered wifi networks. Without this:
1. We reject incoming RAs, so we lose connectivity when the RA
parameters expire.
2. We reject incoming NAs, so we get NUD failures.
Bug: 66015813
Test: angler builds, boots
Test: netd_{unit,integration}_test pass
Test: CtsHostsideNetworkTests tests pass
Change-Id: I033040ef0b91c22035e29c636123cd41ab1967ec
Merged-In: I033040ef0b91c22035e29c636123cd41ab1967ec
/system/netd/server/BandwidthController.h
|
| c61625942041127913de28ad0732b1ad2f6ef60b |
|
16-Jul-2017 |
Lorenzo Colitti <lorenzo@google.com> |
Remove now-unused strncpyAndCheck.
Test: bullhead-eng builds
Change-Id: Idacfeb71c1f108d9f51ce6f509ae16dbba8a2c2b
/system/netd/server/BandwidthController.h
|
| 0ecddc0aa28d6caf0f7c61710ff9ce189980283c |
|
06-Jul-2017 |
Lorenzo Colitti <lorenzo@google.com> |
Delete the last iptables commands in BandwidthController.
Bug: 28362720
Test: netd_{unit,integration}_test pass
Change-Id: I7e64747e3b933cdf1b76cd20356b9ff86015ec61
/system/netd/server/BandwidthController.h
|
| d59526a685e883752ad2139ba870aea86dbbd104 |
|
28-Jun-2017 |
Joel Scherpelz <jscherpelz@google.com> |
Refactor interface quota code before moving to iptables-restore.
This change substantially refactors the interface and shared
quota code in BandwidthController in preparation for making it
use IptablesRestoreController.
There should be no functional change.
Bug: 28362720
Test: bullhead builds,boots
Test: netd_{unit,integration}_test pass
Test: quota rules are added and removed when quotas are enabled/disabled
Change-Id: I7379fac58da4d98958bb050055a3c6bd7c617aa3
/system/netd/server/BandwidthController.h
|
| ced1dd9b01e19f0e675357844fcb3cf9f1870e33 |
|
28-Jun-2017 |
Joel Scherpelz <jscherpelz@google.com> |
Change list + manual search to set/map
Continued incremental cleanup to simplify change to iptables restore.
Rename some data members and switch to better data structures.
Test: as follows
- built
- flashed
- booted
- "runtest -x .../netd_unit_test.cpp" passes
- "runtest -x .../netd_integration_test.cpp" passes
Bug: 28362720
Bug: 38143143
Change-Id: Iff231bf180f9195b01e09c5cb8c883c5d3f2852a
/system/netd/server/BandwidthController.h
|
| bcad661ab90d5e4d04d41747d109f9c97c5f9490 |
|
30-May-2017 |
Joel Scherpelz <jscherpelz@google.com> |
Modernize string handling in BandwidthController
This change is preparation for removal of xt_quota2 in favor of NFLOG.
Note that the scope of changes is mostly limited to mechanical single
line changes from "const char*" to "const std::string&".
Test: as follows
- built
- flashed
- booted
- "runtest -x .../netd_unit_test.cpp" passes
- "runtest -x .../netd_integration_test.cpp" passes
Bug: 38143143
Bug: 28362720
Change-Id: I56ba810ff6fa2f409e32d86508cfdb1a81a50a4e
/system/netd/server/BandwidthController.h
|
| d9db08c4a12d6a2953b597d39bb3ac37c43d3658 |
|
28-Apr-2017 |
Lorenzo Colitti <lorenzo@google.com> |
Simplify enums in BandwidthController.
1. Ensure that the code always uses all enum values. This
provides a clear compile-time error if a passed-in enum value
is not handled, and allows us to remove several default
case labels and unreachable error logging code.
2. Factor out to common functions the code that converts enum
values to parts of iptables command lines.
Bug: 32073253
Test: netd_{unit,integration}_test pass
Change-Id: I7136055100dc312fa7cb8bba5506fe86412b1f4d
/system/netd/server/BandwidthController.h
|
| ce6748a3f656a206b4e85f48cda949bc152cf741 |
|
01-Feb-2017 |
Lorenzo Colitti <lorenzo@google.com> |
Use iptables pipes when fetching tether counters.
Tested using:
adb shell ndc bandwidth gettetherstats
adb shell iptables -nvx -L natctrl_tether_counters
adb shell ip6tables -nvx -L natctrl_tether_counters
Results:
114 0 wlan0 rmnet_data0 272883 2976 8624804 6032
200 0 Tethering stats list completed
Chain natctrl_tether_counters (2 references)
pkts bytes target prot opt in out source destination
2688 179096 RETURN all -- wlan0 rmnet_data0 0.0.0.0/0 0.0.0.0/0
5713 8351999 RETURN all -- rmnet_data0 wlan0 0.0.0.0/0 0.0.0.0/0
Chain natctrl_tether_counters (1 references)
pkts bytes target prot opt in out source destination
288 93787 RETURN all wlan0 rmnet_data0 ::/0 ::/0
319 272805 RETURN all rmnet_data0 wlan0 ::/0 ::/0
Test: manual test described above
Test: data usage increases by 10MB when downloading 10MB file
Test: netd_unit_test passes
Bug: 34873832
Change-Id: I32c4e750a4d3c379074cc13ab1302d51421860d2
/system/netd/server/BandwidthController.h
|
| 56c4b1eb7d15e55a4edb88cfc0d190d8817d1353 |
|
31-Jan-2017 |
Lorenzo Colitti <lorenzo@google.com> |
Use iptables pipes in BandwidthController startup.
Most of BandwidthController startup is already using
iptables-restore, but some commands (notably listing the costly
chains so they can be flushed by flushCleanTables) still
use iptables. Move these to use execIptablesRestoreWithOutput.
Test: netd_unit_test passes
Bug: 34873832
Change-Id: Ib0741a99a2605cd6934186fd4e5364331a4eab5a
/system/netd/server/BandwidthController.h
|
| 7364b75ca058d34875eb3567a57bfd9c03628129 |
|
08-Jul-2016 |
Lorenzo Colitti <lorenzo@google.com> |
Refactor getTetherStats in preparation for IPv6 tether counters.
Bug: 9580643
Change-Id: I11565cafbefbc06a7992d1ff18c707165d5b31ed
/system/netd/server/BandwidthController.h
|
| 13debb8996ca9cd3ce5d7f2817fe19e5df148f08 |
|
27-Mar-2016 |
Lorenzo Colitti <lorenzo@google.com> |
Use iptables-restore in BandwidthController startup.
This saves approximately 800ms on boot.
From the perspective of the rules, this change is a no-op. As the
unit test shows, the commands are the same, though some are in a
slightly different order because iptables-restore requires that
COMMIT be called between different tables (e.g., filter and
mangle).
For simplicity, enableBandwidthControl runs two iptables-restore
commands instead of one. This is not semantically different from
the previous code because the previous code just ran iptables
commands one by one, which provides no atomicity. Running two
commands is a bit slower than running one, but it's still much
faster than using iptables.
Using iptables-restore allows us to do things like ":<chain> -",
which both creates the chain (if it does not already exist) and
flushes it. This allows us to remove IPT_CLEANUP_COMMANDS and
IPT_SETUP_COMMANDS. Those two sets of commands, which basically
just did "-X bw_<foo>" and "-N bw_<foo>" were only necessary
because the preceding "-F bw_<foo>" command would not create
bw_<foo> if it did not already exist (e.g. in setupIptablesHooks,
which runs on netd startup).
Bug: 21725996
Change-Id: I6656aed4287dfcb2311c94800f430c143fb0b1a5
/system/netd/server/BandwidthController.h
|
| dedd271d9961dbe8b99ffa7d54ffd63ac326f866 |
|
21-Mar-2016 |
Lorenzo Colitti <lorenzo@google.com> |
Add a binder RPC to enable/disable data saver.
Bug: 26685616
Bug: 27506285
Change-Id: Id11ee717cfc1c79070b6bbec397986c25947646c
/system/netd/server/BandwidthController.h
|
| 86a4798264c9421cb02bc69836a323d918f73779 |
|
18-Mar-2016 |
Lorenzo Colitti <lorenzo@google.com> |
Add a rudimentary unit test for BandwidthController.
Bug: 26685616
Bug: 27506285
Change-Id: I4457abd43697a0425f167b81c1432d743800abb8
/system/netd/server/BandwidthController.h
|
| 7618ccb39a9e61b4b1e28e96394fd7097e62db8e |
|
17-Mar-2016 |
Lorenzo Colitti <lorenzo@google.com> |
Slightly restructure the data saver iptables rules.
1. Make bw_costly_shared jump to bw_happy_box after
bw_penalty_box. This allows the framework to manipulate
whitelists and blacklists independently.
2. Make bw_happy box always whitelist system apps. Because
bw_penalty_box is consulted before bw_happy_box, the
framework can always blacklist certain system apps (e.g.,
the media server) by putting them in the blacklist.
3. Add a method to add/remove a reject at the end of
bw_costly_shared. This will allow the framework to
enable/disable data saver by changing only one rule.
Bug: 26685616
Bug: 27506285
Change-Id: I67bff7c3c9ff5eb3f84fb84550cdf49f153e1b68
/system/netd/server/BandwidthController.h
|
| a33d47992ca04eb3f911fa41ca9d3794f1986b27 |
|
17-Mar-2016 |
Lorenzo Colitti <lorenzo@google.com> |
Remove the ability to enable/disable the happy box.
This code is unused, and the plan is to have the happy box
enabled at all times.
Bug: 26685616
Bug: 27506285
Change-Id: Ie15b0775d535df7ca94547a7d8b8a5ed536e6dbd
/system/netd/server/BandwidthController.h
|
| b1f0557b544cd5e689e013ff66591361d75ab1ff |
|
18-Mar-2016 |
Lorenzo Colitti <lorenzo@google.com> |
Don't keep naughty/nice app state in BandwidthController.
Copies of this state are already kept in NetworkManagementService,
NetworkPolicyManagerService, and iptables rules. A third copy of
this state is not necessary.
Bug: 26685616
Bug: 27506285
Change-Id: I8dd9fc60a28804ec95660092b13a2895f7480f56
/system/netd/server/BandwidthController.h
|
| 69261cb65186e27dfbdc1e3eec796437f9968ff9 |
|
20-Jun-2014 |
JP Abgrall <jpa@google.com> |
server: check interface names in RPC arguments for validity
This patch introduces a method isIfaceName that checks interface
names from various RPCs for validity before e.g. using them as
part of iptables arguments or in filenames.
All of these RPC calls can only be called from applications
with at least the CONNECTIVITY_INTERNAL permission in recent
Android versions, so the impact of the missing checks luckily
isn't very high.
Orig-Author: Jann Horn <jann@thejh.net>
Change-Id: I80df8d745a3de99ad02d6649f0d10562c81f6b98
Signed-off-by: JP Abgrall <jpa@google.com>
/system/netd/server/BandwidthController.h
|
| f4cfad361175a7f9ccf4d41e76a9b289c3c3da22 |
|
21-May-2014 |
Sreeram Ramachandran <sreeram@google.com> |
Move netd_client into netd.
Change-Id: Ie4b6b303225c93f2448a503d6ea9cebb552cbad5
/system/netd/server/BandwidthController.h
|